wip: home proxy
This commit is contained in:
parent
893f33e7f9
commit
3f717f4b28
3 changed files with 19 additions and 0 deletions
Binary file not shown.
|
@ -17,6 +17,8 @@ in
|
||||||
|
|
||||||
(import ../nixos/atticd.nix (args // { inherit secret; }))
|
(import ../nixos/atticd.nix (args // { inherit secret; }))
|
||||||
|
|
||||||
|
(import ../nixos/home-proxy.nix (args // { inherit secret; }))
|
||||||
|
|
||||||
../nixos/tailscale.nix
|
../nixos/tailscale.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
17
system/nixos/home-proxy.nix
Normal file
17
system/nixos/home-proxy.nix
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
{ pkgs, config, secret, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
services.nginx.streamConfig = ''
|
||||||
|
upstream home {
|
||||||
|
resolver 1.1.1.1 ipv6=off;
|
||||||
|
server ${secret.nginx.upstream.home.hostname}:${secret.nginx.upstream.home.port};
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen ${secret.nginx.upstream.home.port};
|
||||||
|
proxy_pass home;
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
|
||||||
|
networking.firewall.interfaces."enp1s0".allowedTCPPorts = [ secret.nginx.upstream.home.port ];
|
||||||
|
}
|
Loading…
Reference in a new issue